[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP with SSL

To: Chamith Kumarage <gnu.chami@gmx.net>
Subject: Re: OpenLDAP with SSL
From: DT Piotr Wadas <pwadas@dtpw.pl>
Date: Fri, 4 Dec 2009 12:38:59 +0100 (CET)
Cc: openldap-technical@openldap.org
In-reply-to: <1259921770.7904.50.camel@chamith-laptop>
References: <1259921770.7904.50.camel@chamith-laptop>


On Fri, 4 Dec 2009, Chamith Kumarage wrote:

> Hi Folks,
> 
> I have setup openldap with SSL and i'm using self signed certs. I have
> included the following in my slapd.conf.
> 
> TLSCipherSuite HIGH:MEDIUM:-SSLv2
> TLSCACertificateFile /etc/ldap/ssl/server.pem
> TLSCertificateFile /etc/ldap/ssl/server.pem
> TLSCertificateKeyFile /etc/ldap/ssl/server.pem
> TLSVerifyClient demand
> 
> and in my ldap.conf I have;
> 
> HOST <my_ip>
> PORT 636
> TLS_REQCERT /etc/ldap/ssl/server.pem

What slapd starting line (-h option) you've used? should be something like

"ldap://127.0.0.1:389/ ldaps://127.0.0.1:636/ ldapi:///"

E.g. in Debian it's configured via /etc/default/slapd file.

Regards,
DT

Follow-Ups:
- Re: OpenLDAP with SSL
  - From: Chamith Kumarage <gnu.chami@gmx.net>

References:
- OpenLDAP with SSL
  - From: Chamith Kumarage <gnu.chami@gmx.net>

Prev by Date: Re: bootstrapping mirrormode
Next by Date: Re: bootstrapping mirrormode
Index(es):
- Chronological
- Thread